package com.linewell.license.demo.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

/**
 * @author
 * Company:
 * Createtime : 2018年9月11日 下午12:00:05
 * Description : Security配置信息
 */
@Configuration
@EnableWebSecurity
public class SecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {

	@Autowired
	private SecurityAuthenticationProvider securityAuthenticationProvider;
	@Autowired
    private SecurityLoginSuccessHandler securityLoginSuccessHandler;
	@Autowired
    private SecurityLoginFailureHandler securityLoginFailureHandler;
	@Autowired
	private SecurityLogoutSuccessHandler securityLogoutSuccessHandler;

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		//自定义AuthenticationProvider
		auth.authenticationProvider(securityAuthenticationProvider);
	}

	@Override
	public void configure(WebSecurity web) {
		//解决静态资源被拦截的问题 ,以下不用登录就能访问
		web.ignoring().antMatchers("/login.html")
					  .antMatchers("/loginOut.html")
				      .antMatchers("/assets/**")
					  .antMatchers("/images/**")
					  .antMatchers("/403.html")
				      .antMatchers("/404.html")
					  .antMatchers("/500.html")
				      //监控检测接口
					  .antMatchers("/actuator")
					  .antMatchers("/actuator/**")
					  //swagger相关地址
					  .antMatchers("/swagger-ui.html")
					  .antMatchers("/webjars/springfox-swagger-ui/**")
					  .antMatchers("/swagger-resources/**" )
					  .antMatchers("/v2/api-docs/**")
					  .antMatchers("/api/demo/**")

		;
	}


	@Override
	protected void configure(HttpSecurity http) throws Exception {
		//以下是登陆相关配置
		http.formLogin()
			//设置额外参数
			//.authenticationDetailsSource(new SecurityAuthenticationDetailsSource())
			//设置登录参数
			.usernameParameter("username").passwordParameter("password")
			// 自定义的登录接口
			.loginProcessingUrl("/api/auth/login")
			//认证成功后处理
			.successHandler(securityLoginSuccessHandler)
			//认证失败后处理
			.failureHandler(securityLoginFailureHandler);
		// 以下登录退出相关配置
		http.logout()
			// 登录退出自定义接口
			.logoutRequestMatcher(new AntPathRequestMatcher("/api/auth/logout"))
			// 登录退出成功处理器
			.logoutSuccessHandler(securityLogoutSuccessHandler)
			//删除cookies和使session无效
			.deleteCookies("JSESSIONID").invalidateHttpSession(false);
		//ajax请求的时候发生跳转问题处理
		http.exceptionHandling().authenticationEntryPoint(new RestAuthenticationEntryPoint("/loginOut.html"));
		//加入session过期过滤器
		http.addFilterAfter(new SecurityExpiredSessionFilter(), BasicAuthenticationFilter.class);
		// 关闭csrf防护,暂时禁用CSRF，否则无法提交表单
		http.csrf().disable();
		// "记住我"相关配置，设置一周内记住
		//.rememberMe().rememberMeParameter("rememberMe").tokenValiditySeconds(7*24*60*60);
	}

}
